Expoint - all jobs in one place

Microsoft Security Researcher - Microsoft Defender Cloud Apps 
Israel, Tel Aviv District, Tel Aviv-Yafo 
757253183

11.06.2024
Qualifications
  • You have 5+ years of experience in cyber security with a background in the modern attacker kill-chain, MITRE ATT&CK, and emerging enterprise threats including attacks against SaaS Apps (SharePoint, Exchange, Entra ID), OAuth Apps, Enterprise Apps.
  • You have a BS or equivalent experience in computer science, engineering, or information technology.
  • You have an understanding and deep knowledge of a few commonly used attack tools and frameworks used by red teams.
  • Proficient in at least one programming language such as Python, C#, or C++.
  • You have excellent cross-group and interpersonal skills, with the ability to articulate the business need for product improvements and a desire to engage directly with customers.
  • Experience working with and manipulating large data sets (i.e. billions of events per day).

Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check:
- This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Offensive security research experience for cloud-based attacks. Industry-recognized author of security research papers, blogs, presentations, or books. SOC or blue team experience involving the hunting and discovery of adversaries in enterprise environments.

Responsibilities
  • Perform financially motivated attacker tradecraft research and threat landscape investigation across cloud-based attacks spanning permissions, identities, applications, and data.
  • Partner with engineers and data scientists in a geographically distributed team to deliver innovative new product capabilities.
  • Threat hunting to discover real-world advanced attacks, together with designing and implementing automated detection and hunting analytics combining alerts and signals across Microsoft Defender security products.
  • Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
  • Provide subject matter expertise to customers based on industry attack trends and product capabilities.